- Update to 0.5.5

* Fix #249: Handle fetching GPG version when not the first item in the configuration. * Fix #250: Capture uid info in a uid_map attribute of ScanKeys/ListKeys. * Fix #255: Improve handling of exceptions raised in background threads. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-python-gnupg?expand=0&rev=38
2025-08-14 11:15:08 +00:00
commit 709d81fb0b
8 changed files with 303 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
--- a/python-gnupg-0.5.2.tar.gz
+++ b/python-gnupg-0.5.2.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:01d8013931c9fa3f45824bbea7054c03d6e11f258a72e7e086e168dbcb91854c
+size 64531
--- a/python-gnupg-0.5.3.tar.gz
+++ b/python-gnupg-0.5.3.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:290d8ddb9cd63df96cfe9284b9b265f19fd6e145e5582dc58fd7271f026d0a47
+size 65457
--- a/python-gnupg-0.5.4.tar.gz
+++ b/python-gnupg-0.5.4.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f2fdb5fb29615c77c2743e1cb3d9314353a6e87b10c37d238d91ae1c6feae086
+size 65705
--- a/python-gnupg-0.5.5.tar.gz
+++ b/python-gnupg-0.5.5.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3fdcaf76f60a1b948ff8e37dc398d03cf9ce7427065d583082b92da7a4ff5a63
+size 66467
--- a/python-python-gnupg.changes
+++ b/python-python-gnupg.changes
@@ -0,0 +1,203 @@
+-------------------------------------------------------------------
+Thu Aug 14 09:54:33 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 0.5.5
+  * Fix #249: Handle fetching GPG version when not the first item in the configuration.
+  * Fix #250: Capture uid info in a uid_map attribute of ScanKeys/ListKeys.
+  * Fix #255: Improve handling of exceptions raised in background threads.
+
+-------------------------------------------------------------------
+Mon Feb 17 03:29:13 UTC 2025 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Switch to pyproject macros.
+- No more greedy globs in %files.
+
+-------------------------------------------------------------------
+Thu Feb 13 10:37:11 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 0.5.4
+  * Fix #242: Handle exceptions in the on_data callable.
+
+-------------------------------------------------------------------
+Tue Oct  1 12:42:05 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.5.3:
+  * Add WKD (Web Key Directory) support for auto-locating keys.
+  * Ensure local variable is initialized even when an exception
+    occurs.
+  * Fix #239: Remove logging of decryption result.
+
+-------------------------------------------------------------------
+Thu Dec 14 20:56:28 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.5.2:
+  * Fix #228: Clarify documentation for encryption/decryption.
+  * Make I/O buffer size configurable via ``buffer_size`` attribute
+    on a ``GPG`` instance.
+
+-------------------------------------------------------------------
+Fri Dec  1 17:09:22 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.5.1:
+  * Added ``TRUST_EXPIRED`` to ``trust_keys``. Thanks to Leif Liddy
+    for the patch.
+  * Fix #206: Remove deprecated ``--always-trust`` in favour of
+    ``--trust-model always``
+  * Fix #208: Add ``status_detail`` attribute to result objects which
+  * is populated when the status is ``'invalid recipient'``
+    (encryption/decryption) or ``'invalid signer'``
+    (signing). This attribute will be set when the result object's
+    ``status`` attribute is set to ``invalid recipient`` and will
+    contain more information about the failure in the form of
+    ``reason:ident`` where ``reason`` is a text description of the
+    reason, and ``ident`` identifies the recipient key.
+
+  * Add ``scan_keys_mem()`` function to scan keys in a string. Thanks
+    to Sky Moore for the patch.
+  * Fix #214: Handle multiple signatures when one of them is invalid
+    or unverified.
+  * A ``problems`` attribute was added which holds problems reported
+    by ``gpg`` during verification. This is a list of dictionaries,
+    one for each reported problem. Each dictionary will have
+    ``status`` and ``keyid`` keys indicating
+    the problem and the corresponding key; other information in the
+    dictionaries will be error specific.
+  * Fix #217: Use machine-readable interface to query the ``gpg``
+    version.
+  * Added the ability to export keys to a file.
+
+-------------------------------------------------------------------
+Fri May  5 11:10:16 UTC 2023 - Johannes Kastl <kastl@b1-systems.de>
+
+- add sle15_python_module_pythons
+
+-------------------------------------------------------------------
+Sat Sep 17 07:21:39 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.5.0:
+  * Fixed #181: Added the ability to pass file paths to encrypt_file, decrypt_file,
+    sign_file, verify_file, get_recipients_file and added import_keys_file.
+  * Fixed #183: Handle FAILURE and UNEXPECTED conditions correctly. Thanks to sebbASF for
+    the patch.
+  * Fixed #185: Handle VALIDSIG arguments more robustly.
+  * Fixed #188: Remove handling of DECRYPTION_FAILED from Verify code, as not required
+    there. Thanks to sebbASF for the patch.
+  * Fixed #190: Handle KEY_CREATED more robustly.
+  * Fixed #191: Handle NODATA messages during verification.
+  * Fixed #196: Don't log chunk data by default, as it could contain sensitive
+    information (during decryption, for example).
+  * Added the ability to pass an environment to the gpg executable. Thanks to Edvard
+    Rejthar for the patch.
+
+-------------------------------------------------------------------
+Sat Jun  4 13:54:10 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.4.9:
+  * Added a status attribute to the returned object from gen_key()
+  * Provide the ability to add subkeys.
+  * Add keygrip values to the information collected when keys are listed.
+  * Added extra_args keyword argument to send_keys(), recv_keys() and
+    search_keys() to allow passing options relating to key servers.
+
+-------------------------------------------------------------------
+Mon Nov 29 11:57:11 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.4.8:
+  * Return gpg's return code in all result instances.
+  * Add check for invalid file objects.
+  * Provide more useful status message when a secret key is absent.
+  * Added a get_recipients() API to find the recipients of an encrypted
+    message without decrypting it.
+
+-------------------------------------------------------------------
+Sun Aug  1 09:24:35 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 0.4.7:
+  * Added support for no passphrase during key generation.
+  * Improved permission-denied test.
+  * Updated logging to only show partial results.
+  * Allowed a passphrase to be passed to import_keys().
+
+-------------------------------------------------------------------
+Wed Aug  5 13:20:26 UTC 2020 - Marketa Calabkova <mcalabkova@suse.com>
+
+- Update to 0.4.6
+  * Fixed #128: Added ECC support by changing key generation parameters. (The Key-Length
+    value isn't added if a curve is specified.)
+  * More bugfixes.
+  * Support for Python versions 3.5 and under is discontinued, except for Python 2.7.
+
+-------------------------------------------------------------------
+Tue Sep 10 11:08:04 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Update to 0.4.5:
+  * various bugfixes
+
+-------------------------------------------------------------------
+Wed Apr 17 10:39:48 CEST 2019 - Matej Cepl <mcepl@suse.com>
+
+- Switch to pytest runner, which seems to be a way more stable in
+  providing the results.
+
+-------------------------------------------------------------------
+Thu Jan 24 10:07:27 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>
+
+- Enable tests
+
+-------------------------------------------------------------------
+Thu Jan 24 09:31:19 UTC 2019 - Karol Babioch <kbabioch@suse.de>
+
+- Update to 0.4.4:
+  * Changed how any return value from the ``on_data`` callable is processed. In
+    earlier versions, the return value was ignored. In this version, if the
+    return value is ``False``, the data received from ``gpg`` is not buffered.
+    Otherwise (if the value is ``None`` or ``True``, for example), the data is
+    buffered as normal. This functionality can be used to do your own
+    buffering, or to prevent buffering altogether.  The ``on_data`` callable is
+    also called once with an empty byte-string to signal the end of data from
+    ``gpg``.
+  * Added an additional attribute ``check_fingerprint_collisions`` to
+    ``GPG`` instances, which defaults to ``False``. It seems that ``gpg`` is
+    happy to have duplicate keys and fingerprints in a keyring, so we can't be
+    too strict. A user can set this attribute of an instance to ``True`` to
+    trigger a check for collisions.
+  * With GnuPG 2.2.7 or later, provide the fingerprint of a signing key for a
+    failed signature verification, if available.
+  * For verification where multiple signatures are involved, a mapping of
+    signature_ids to fingerprint, keyid, username, creation date, creation
+    timestamp and expiry timestamp is provided.
+  * Added a check to disallow certain control characters ('\r', '\n', NUL) in
+    passphrases (CVE-2019-6690 bsc#1123498)
+
+-------------------------------------------------------------------
+Tue Dec  4 12:53:04 UTC 2018 - Matej Cepl <mcepl@suse.com>
+
+- Remove superfluous devel dependency for noarch package
+
+-------------------------------------------------------------------
+Wed Jun 13 19:37:41 UTC 2018 - astieger@suse.com
+
+- uppate to 0.4.3:
+  * Add --no-verbose to the gpg command line, in case verbose is
+    specified is gpg.conf.
+  * This is mitigation against CVE-2018-12020 boo#1096745
+- includes changes from 0.4.2:
+  * Subkey information is now collected and returned in a
+    subkey_info dictionary keyed by the subkey's ID
+  * Add expect_passphrase password for use on GnuPG >= 2.1 when
+    passing passphrase to gpg via pinentry
+  * Provid a trust_keys method to allow setting the trust level
+    for keys
+  * When the gpg executable is not found, note the path used in the
+    exception message
+  * Make error messages nor informational
+
+-------------------------------------------------------------------
+Mon Sep 11 15:33:08 UTC 2017 - jengelh@inai.de
+
+- Ensure description neutrality.
+
+-------------------------------------------------------------------
+Wed Sep  6 17:29:32 UTC 2017 - toddrme2178@gmail.com
+
+- Initial version
--- a/python-python-gnupg.spec
+++ b/python-python-gnupg.spec
@@ -0,0 +1,64 @@
+#
+# spec file for package python-python-gnupg
+#
+# Copyright (c) 2025 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%{?sle15_python_module_pythons}
+Name:           python-python-gnupg
+Version:        0.5.5
+Release:        0
+Summary:        A wrapper for the GNU Privacy Guard (GPG or GnuPG)
+License:        BSD-3-Clause
+URL:            https://pythonhosted.org/python-gnupg/index.html
+Source:         https://files.pythonhosted.org/packages/source/p/python-gnupg/python-gnupg-%{version}.tar.gz
+BuildRequires:  %{python_module pip}
+BuildRequires:  %{python_module pytest}
+BuildRequires:  %{python_module setuptools}
+BuildRequires:  fdupes
+BuildRequires:  gpg2
+BuildRequires:  python-rpm-macros
+Requires:       gpg2
+Obsoletes:      python-gnupg < %{version}
+Provides:       python-gnupg = %{version}
+BuildArch:      noarch
+%python_subpackages
+
+%description
+This module allows access to GnuPG's key management,
+encryption and signature functionality from Python programs.
+
+%prep
+%setup -q -n python-gnupg-%{version}
+
+%build
+%pyproject_wheel
+
+%install
+%pyproject_install
+%python_expand %fdupes %{buildroot}%{$python_sitelib}
+
+%check
+export NO_EXTERNAL_TESTS=true
+%pytest test_gnupg.py
+
+%files %{python_files}
+%license LICENSE.txt
+%doc README.rst
+%{python_sitelib}/gnupg.py
+%pycache_only %{python_sitelib}/__pycache__/gnupg.*.pyc
+%{python_sitelib}/python_gnupg-%{version}.dist-info
+
+%changelog